def test_hacker_trying_to_create_schema(self):
db = "test_db"
admin_on_test_db = CLI({**creds, **{"PGDATABASE": db}})
try:
# Create tables
admin_on_test_db.execute(
"GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA pg_catalog TO " +
"user_x")
hacker_user = Expect({
**creds,
**{
"PGUSER": '******',
"PGDATABASE": db,
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
hacker_user.execute_template("sql/test_table.sql.tpl",
TABLE='user_x_table')
admin_on_test_db.execute_template("sql/query_permissions.sql.tpl",
USER='******')
hacker_user.expect_execute(
"CREATE SCHEMA %s;" % 'new_schema',
'permission denied for database test_db')
hacker_user.close()
finally:
admin_on_test_db.close()
return self
def test_cross_project_connect_to_database(self):
admin = Expect(creds)
try:
admin.expect_connect('test_db', 'project_1_user_1',
'User does not have CONNECT privilege.')
admin.expect_connect('project_1', 'project_1_user_1')
finally:
admin.close()
return self
def test_hacker_granting_access_with_connect(self):
db = "test_db"
admin_on_test_db = CLI({**creds, **{"PGDATABASE": db}})
try:
hacker_user = Expect({
**creds,
**{
"PGUSER": '******',
"PGDATABASE": db,
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
hacker_user.execute_template("sql/test_data_force_grant_1.sql.tpl",
WORKSPACE=db,
USER='******')
# grant user connect
admin_on_test_db.execute_template("sql/user_connect.sql.tpl",
APP_DATABASE=db,
USER='******')
con = Expect({
**creds,
**{
"PGUSER": '******',
"PGDATABASE": db,
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
con.expect_execute("SELECT * from protected_data.table_1",
'permission denied for schema protected_data')
admin_on_test_db.execute_template("sql/query_permissions.sql.tpl",
USER='******')
con.close()
admin_on_test_db.close()
finally:
admin_on_test_db.close()
return self
def test_cross_project_granting_access_without_connect(self):
con = Expect(creds)
try:
con.expect_connect('test_db', 'project_1_user_1',
'User does not have CONNECT privilege')
finally:
con.close()
return self
def test_no_existing_table(self):
con = Expect({
**creds,
**{
"PGUSER": '******',
"PGDATABASE": 'project_1',
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
try:
con.expect_execute(
"SELECT * from protected_data.table_1",
'relation "protected_data.table_1" does not exist')
finally:
con.close()
return self
def test_hacker_trying_to_grant_role_to_another_user(self):
db = "test_db"
hacker_user = Expect({
**creds,
**{
"PGUSER": '******',
"PGDATABASE": db,
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
try:
hacker_user.expect_execute(
"GRANT %s_contribute TO %s;" % (db, 'project_1_user_1'),
'must have admin option on role "test_db_contribute"')
finally:
hacker_user.close()
return self
def test_incremental_user_access(self):
db = "test_db"
admin_on_test_db = CLI({**creds, **{"PGDATABASE": db}})
try:
prep_db = Expect({**creds, **{"PGDATABASE": db}})
prep_db.execute_template("sql/test_data_project.sql.tpl")
user = "******"
admin_on_test_db.execute_template("sql/user.sql.tpl",
USER=user,
PASSWORD=Expect.TMP_PASSWORD)
prep_db.expect_connect(db, user,
'User does not have CONNECT privilege.')
admin_on_test_db.execute_template("sql/user_connect.sql.tpl",
APP_DATABASE=db,
USER=user)
user_db = Expect({
**creds,
**{
"PGUSER": user,
"PGDATABASE": db,
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
user_db.expect_execute(
"SELECT * from pg_settings",
'permission denied for relation pg_settings')
user_db.expect_execute(
"SELECT * from protected_data.table_1",
'permission denied for schema protected_data')
admin_on_test_db.execute_template("sql/setup_user.sql.tpl",
WORKSPACE=db,
USER=user)
user_db.expect_success("SELECT * from protected_data.table_1")
user_db.expect_execute(
"CREATE TABLE protected_data.table_2 (name varchar(20));",
'permission denied for schema protected_data')
user_db.expect_execute(
"CREATE TABLE working_data.table_2 (name varchar(20));",
'permission denied for schema pg_catalog')
admin_on_test_db.execute_template("sql/setup_user_2.sql.tpl",
WORKSPACE=db,
USER=user)
user_db.expect_success(
"CREATE TABLE working_data.table_2 (name varchar(20));")
prep_db.match_results(
"sql/query_permissions.sql.tpl",
'results/test_incremental_user_access/perms.txt',
USER=user)
user_db.close()
prep_db.close()
finally:
admin_on_test_db.close()
def test_cross_project_attempt_to_grant_usage(self):
admin = CLI(creds)
db = "test_db"
try:
hacker_user = Expect({
**creds,
**{
"PGUSER": '******',
"PGDATABASE": db,
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
hacker_user.execute_template("sql/test_data_force_grant_1.sql.tpl",
WORKSPACE=db,
USER='******')
con = Expect({
**creds,
**{
"PGUSER": '******',
"PGDATABASE": 'project_1',
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
con.expect_execute(
"SELECT * from test_db.protected_data.table_1",
'cross-database references are not implemented')
con.close()
hacker_user.close()
finally:
admin.close()
return self
def test_single_project(self):
admin = CLI(creds)
try:
db = "test_db"
prep_db = Expect({**creds, **{"PGDATABASE": db}})
prep_db.execute_template("sql/test_data_project.sql.tpl")
prep_db.close()
user = Expect({
**creds,
**{
"PGUSER": '******',
"PGDATABASE": db,
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
user.expect_execute("SELECT * from pg_settings",
'permission denied for relation pg_settings')
user.expect_success("SELECT * from protected_data.table_1")
user.expect_execute(
"CREATE TABLE protected_data.table_2 (name varchar(20));",
'permission denied for schema protected_data')
user.expect_success(
"CREATE TABLE working_data.table_2 (name varchar(20));")
admin_on_test_db = Expect({**creds, **{"PGDATABASE": db}})
admin_on_test_db.match_results(
"sql/query_permissions.sql.tpl",
'results/test_single_project/perms.txt',
USER='******')
admin_on_test_db.close()
user.close()
finally:
admin.close()
def test_user_connect_access(self):
admin = CLI(creds)
try:
user = "******"
db = "test_db"
userdb = Expect(creds)
admin.execute_template("sql/user.sql.tpl",
USER=user,
PASSWORD=Expect.TMP_PASSWORD)
userdb.expect_connect(db, user,
'FATAL: permission denied for database')
admin.execute_template("sql/user_connect.sql.tpl",
APP_DATABASE=db,
USER=user)
userdb.expect_connect(db, user)
admin_on_test_db = Expect({**creds, **{"PGDATABASE": db}})
admin_on_test_db.match_results(
"sql/query_permissions.sql.tpl",
"results/test_user_connect_access/perms.txt",
USER='******')
admin_on_test_db.close()
userdb.close()
finally:
admin.close()
def test_set_search_path(self):
admin = Expect(creds)
try:
databases = ['orig_db']
for db in databases:
admin.execute("CREATE DATABASE %s;" % db, True)
admin.execute_template(
"sql/original_db_prep.sql",
APP_DATABASE=db,
POSTGRES_APP_USERNAME='******' % db,
POSTGRES_APP_PASSWORD=Expect.TMP_PASSWORD)
admin_on_db = Expect({**creds, **{"PGDATABASE": db}})
admin_on_db.execute_template(
"sql/original_db_setup.sql",
APP_DATABASE=db,
WORKSPACE=db,
POSTGRES_APP_PASSWORD=Expect.TMP_PASSWORD)
admin_on_db.execute_template("sql/original_db_user_setup.sql",
WORKSPACE=db,
USER='******' % db,
PASSWORD=Expect.TMP_PASSWORD)
admin_on_db.close()
admin.execute(
"ALTER DATABASE %s SET search_path = working_data" % db,
True)
enduser_on_db = Expect({
**creds,
**{
"PGDATABASE": db,
"PGUSER": "******" % db,
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
enduser_on_db.match_results(
'sql/query_search_path.sql',
'results/test_set_search_path/results.txt')
enduser_on_db.close()
finally:
admin.close()
def test_simple_user_creating_database(self):
admin = Expect(creds)
try:
user = '******'
admin.execute('show search_path')
admin.execute_template("sql/original_db_prep.sql",
POSTGRES_APP_USERNAME=user,
POSTGRES_APP_PASSWORD=Expect.TMP_PASSWORD)
admin.execute("ALTER USER %s CREATEDB" % user, True)
enduser_on_db = Expect({
**creds,
**{
"PGUSER": user,
"PGPASSWORD": Expect.TMP_PASSWORD
}
})
db = "temp_db"
try:
enduser_on_db.execute("CREATE DATABASE %s" % db, True)
finally:
enduser_on_db.execute("DROP ROLE %s_contribute" % db, False)
enduser_on_db.execute("DROP ROLE %s_readonly" % db, False)
enduser_on_db.execute("DROP DATABASE %s" % db, False)
enduser_on_db.close()
finally:
admin.close()